Xindi Advertising Fraud Botnet May Cost Online Advertisers $3 Billion in Damages from OpenRTB Flaw

Let's just face it, advertising revenue makes the Internet go around and remain in existence. Without advertisers, the Internet would be a dire wasteland consumed by a completely different model of turning revenue exhibiting a completely different landscape than we see today.

If online fraudsters and hackers have it their way, they will see to it that advertisers lose billions of dollars by the end of 2016 if the perpetuation Xindi botnet responsible for leveraging flaws in an advertising protocol isn't stopped.

The advertising protocol that is being targeted by the Xindi botnet is one that takes advantage of a flaw within OpenRTB, which is an advertising protocol used to boost its owner's ad revenues. Within the past year the OpenRTB flaw, also known as CVE-2015-7266 and named the Amnesia bug, allows an attack with the proper know-how to listen to OpenRTB messages but not hold back receipt notifications for hours. In essence, the vulnerability within OpenRTB when attacked by the Xindi botnet, an infected machine makes requests for advertisements from the ad network but holds back notifications. This means that the advertisement network believes that an ad display failed and did not show, thus limiting the advertisement revenue from being accounted for on most ads that are fed through a given network.

Xindi botnet operators are busy with their operation of targeting well-known Fortune 500 companies, government agencies, and universities. Upon successful attacks on ad networks, the revenue streams generated by websites who rely on advertising money to survive could have dire consequences.

Advertisement networks are usually left naked in the world of ad fraud and lack the proper monitoring tools to detect fraudulent activity when it comes to the Xindi botnet aiming at specific targets. While most large companies and organizations have the necessary broadband connections and bogus advertisement detection methods in place, the Xindi botnet is clever enough to the point that those contingencies don't matter.

In the years' time that Xindi botnet has been active, it has been responsible for many attacks in quick bursts following the months of December 2014, March 2015, and August 2015. During this time, Xindi was targeting systems in the US running Windows 7 and Windows XP. Big name advertisers, such as Home Depot, Honda, Nissan, Pandora, Monster, Uber and Verizon were mostly affected.

Due to some of the ad networks electing not to properly fix the OpenRTB flaw, agencies like Pixalate, an online fraud protection and quality ratings outlet, estimate that the currently-vulnerable networks look to lose up to $3 million from their fake ad impressions by the end of 2016. In knowing this, it is prudent that those ad networks who have failed to fix the OpenRTB protocol flaw take action to do so now rather than later, because the bottom line looks to be billions of dollars lost along with several jobs.